Issue 172: DtlsTransport.getRemoteParameters() and DtlsTransport.getRemoteCertificates()

From Rajesh Gunnalan:

The specification could be more clear about the use of the getRemoteParameters() and getRemoteCertificates() methods.

DtlsTransport.start(remoteParameters) needs to be called before DTLS negotiation can complete. remoteParameters.fingerprints[i] provides the remote certificate fingerprints, which are matched against the fingerprints of the remote certificate provided within the DTLS negotiation.

The definition of getRemoteParameters is:
"Obtain the current DTLS parameters of the remote RTCDtlsTransport."

Since DTLS renegotiation isn't supported, the "current" DTLS parameters won't change after calling DtlsTransport.start(remoteParameters). Therefore getRemoteParameters() returns null prior to calling start(remoteParameters) and getRemoteParameters always returns whatever remoteParameters were provided in the argument to start().

Given this, does getRemoteParameters() have much value?

As far as getRemoteCertificates is concerned, my understanding is that this is provided in order to allow validation of remote certificates. However, since this would be done by a (potentially untrusted) application, isn't it better for validation to be handled by the browser? What else could getRemoteCertificates() be used for?

Received on Wednesday, 28 January 2015 01:40:55 UTC
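
The fingerprint match described in the message above, written out as an added example (not part of the original post or of the ORTC specification). It assumes each fingerprint is an object with `algorithm` and `value` fields and that a remote certificate is available as DER bytes; the function names, the supported-hash list and the "at least one match" policy are assumptions of this example.

```javascript
// Added example (Node.js). In a browser the digest would come from the
// asynchronous crypto.subtle.digest() instead of node:crypto.
const { createHash } = require('node:crypto');

// Assumption: hash names as signalled, mapped to Node digest names.
const DIGESTS = { 'sha-256': 'sha256', 'sha-384': 'sha384', 'sha-512': 'sha512' };

// Fingerprint of one DER certificate: upper-case hex bytes joined by ':'.
// Returns null for an algorithm this example cannot compute.
function certFingerprint(algorithm, der) {
  const name = DIGESTS[String(algorithm).toLowerCase()];
  if (!name) return null;
  const hex = createHash(name).update(Buffer.from(der)).digest('hex');
  return hex.toUpperCase().match(/../g).join(':');
}

// Assumed policy: the certificate is accepted when at least one signalled
// fingerprint with a supported algorithm matches it. Missing parameters
// (start() not called yet) or an empty list never match.
function matchesSignalledFingerprint(remoteParameters, der) {
  const list = (remoteParameters && remoteParameters.fingerprints) || [];
  return list.some((fp) => {
    const computed = certFingerprint(fp.algorithm, der);
    return computed !== null && computed === String(fp.value).trim().toUpperCase();
  });
}

// Constructed stand-in bytes for a DER certificate (not a real certificate).
const sampleCert = Uint8Array.from([0x30, 0x82, 0x01, 0x0a, 0x02, 0x01, 0x01]);
// Constructed remoteParameters, as they would arrive over signalling.
const sampleRemote = {
  fingerprints: [{ algorithm: 'sha-256', value: certFingerprint('sha-256', sampleCert) }],
};

// Runs the check for three cases: no parameters yet, the signalled
// certificate, and a different certificate presented in the handshake.
function demo() {
  const substituted = Uint8Array.from(sampleCert);
  substituted[6] ^= 0xff; // one changed byte gives a different fingerprint
  return {
    beforeStart: matchesSignalledFingerprint(null, sampleCert),
    genuine: matchesSignalledFingerprint(sampleRemote, sampleCert),
    substituted: matchesSignalledFingerprint(sampleRemote, substituted),
  };
}
```

The comparison is only as trustworthy as the channel that delivered the fingerprints: a match shows that the DTLS peer holds the signalled certificate, not who that peer is.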